Return-Path: X-Original-To: apmail-airavata-commits-archive@www.apache.org Delivered-To: apmail-airavata-commits-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 5BBD410E8D for ; Tue, 10 Feb 2015 19:24:04 +0000 (UTC) Received: (qmail 99256 invoked by uid 500); 10 Feb 2015 19:24:04 -0000 Delivered-To: apmail-airavata-commits-archive@airavata.apache.org Received: (qmail 99206 invoked by uid 500); 10 Feb 2015 19:24:04 -0000 Mailing-List: contact commits-help@airavata.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@airavata.apache.org Delivered-To: mailing list commits@airavata.apache.org Received: (qmail 99193 invoked by uid 99); 10 Feb 2015 19:24:04 -0000 Received: from git1-us-west.apache.org (HELO git1-us-west.apache.org) (140.211.11.23) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 10 Feb 2015 19:24:04 +0000 Received: by git1-us-west.apache.org (ASF Mail Server at git1-us-west.apache.org, from userid 33) id 270E8DFDDE; Tue, 10 Feb 2015 19:24:04 +0000 (UTC) Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit 
From: chathuri@apache.org To: commits@airavata.apache.org Date: Tue, 10 Feb 2015 19:24:04 -0000 Message-Id: <2bf0372aa4494d95944d00517d909ca7@git.apache.org> X-Mailer: ASF-Git Admin Mailer Subject: [1/2] airavata git commit: fixing AIRAVATA-1561 Repository: airavata Updated Branches: refs/heads/master 30aefc46b -> d262e9f4e fixing AIRAVATA-1561 Project: http://git-wip-us.apache.org/repos/asf/airavata/repo Commit: http://git-wip-us.apache.org/repos/asf/airavata/commit/4ec9dc30 Tree: http://git-wip-us.apache.org/repos/asf/airavata/tree/4ec9dc30 Diff: http://git-wip-us.apache.org/repos/asf/airavata/diff/4ec9dc30 Branch: refs/heads/master Commit: 4ec9dc309a618897c3b3dddbbc6a9842c89139f8 Parents: 09876ee Author: Chathuri Wimalasena Authored: Tue Feb 10 14:23:34 2015 -0500 Committer: Chathuri Wimalasena Committed: Tue Feb 10 14:23:34 2015 -0500 ---------------------------------------------------------------------- .../credential/store/client/TestSSLClient.java | 133 +++++++++++++++++++ .../store/server/CredentialStoreServer.java | 21 ++- .../server/CredentialStoreServerHandler.java | 30 ++++- .../airavata/credential/store/util/Utility.java | 14 +- 4 files changed, 184 insertions(+), 14 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/airavata/blob/4ec9dc30/modules/credential-store-service/credential-store/src/main/java/org/apache/airavata/credential/store/client/TestSSLClient.java ---------------------------------------------------------------------- diff --git a/modules/credential-store-service/credential-store/src/main/java/org/apache/airavata/credential/store/client/TestSSLClient.java b/modules/credential-store-service/credential-store/src/main/java/org/apache/airavata/credential/store/client/TestSSLClient.java new file mode 100644 index 0000000..dc0889e --- /dev/null 
+++ b/modules/credential-store-service/credential-store/src/main/java/org/apache/airavata/credential/store/client/TestSSLClient.java 
@@ -0,0 +1,133 @@
+/*
+ *
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.airavata.credential.store.client;
+
+import org.apache.airavata.common.exception.ApplicationSettingsException;
+import org.apache.airavata.common.utils.AiravataUtils;
+import org.apache.airavata.common.utils.Constants;
+import org.apache.airavata.common.utils.ServerSettings;
+import org.apache.airavata.credential.store.cpi.CredentialStoreService;
+import org.apache.airavata.credential.store.datamodel.CertificateCredential;
+import org.apache.airavata.credential.store.datamodel.CommunityUser;
+import org.apache.airavata.credential.store.datamodel.SSHCredential;
+import org.apache.thrift.TException;
+import org.apache.thrift.protocol.TBinaryProtocol;
+import org.apache.thrift.protocol.TProtocol;
+import org.apache.thrift.transport.TSSLTransportFactory;
+import org.apache.thrift.transport.TTransport;
+import org.apache.thrift.transport.TTransportException;
+
+import java.io.File;
+import java.io.FileInputStream;
+import java.io.FileNotFoundException;
+import java.io.IOException;
+import java.security.KeyStore;
+import java.security.KeyStoreException;
+import java.security.NoSuchAlgorithmException;
+import java.security.cert.CertificateException;
+import java.security.cert.X509Certificate;
+
+public class TestSSLClient {
+ private void invoke() {
+ TTransport transport;
+ try {
+ AiravataUtils.setExecutionAsServer();
+ TSSLTransportFactory.TSSLTransportParameters params =
+ new TSSLTransportFactory.TSSLTransportParameters();
+ String keystorePath = ServerSettings.getCredentialStoreThriftServerKeyStorePath();
+ String keystorePWD = ServerSettings.getCredentialStoreThriftServerKeyStorePassword();
+ params.setTrustStore(keystorePath, keystorePWD);
+ final int serverPort = Integer.parseInt(ServerSettings.getSetting(Constants.CREDNETIAL_SERVER_PORT, "8960"));
+ final String serverHost = ServerSettings.getSetting(Constants.CREDNETIAL_SERVER_HOST, null);
+
+ transport = TSSLTransportFactory.getClientSocket(serverHost, serverPort, 10000, params);
+ TProtocol protocol = new TBinaryProtocol(transport);
+
+ CredentialStoreService.Client client = new CredentialStoreService.Client(protocol);
+// testSSHCredential(client);
+ testCertificateCredential(client);
+ transport.close();
+ } catch (TTransportException e) {
+ e.printStackTrace();
+ }catch (ApplicationSettingsException e) {
+ e.printStackTrace();
+ }
+ }
+
+ public static void testSSHCredential (CredentialStoreService.Client client){
+ try {
+ SSHCredential sshCredential = new SSHCredential();
+ sshCredential.setUsername("test");
+ sshCredential.setGatewayId("testGateway");
+ sshCredential.setPassphrase("mypassphrase");
+ String token = client.addSSHCredential(sshCredential);
+ System.out.println("SSH Token :" + token);
+ SSHCredential credential = client.getSSHCredential(token, "testGateway");
+ System.out.println("private key : " + credential.getPrivateKey());
+ System.out.println("public key : " + credential.getPublicKey());
+ }catch (TTransportException e) {
+ e.printStackTrace();
+ } catch (TException e) {
+ e.printStackTrace();
+ }
+ }
+
+ public static void testCertificateCredential (CredentialStoreService.Client client){
+ try {
+ CertificateCredential certificateCredential = new CertificateCredential();
+ CommunityUser communityUser = new CommunityUser("testGateway", "test", "test@ddsd");
+ certificateCredential.setCommunityUser(communityUser);
+ X509Certificate[] x509Certificates = new X509Certificate[1];
+ KeyStore ks = KeyStore.getInstance("JKS");
+ File keyStoreFile = new File("/Users/chathuri/dev/airavata/credential-store/oa4mp/airavata.jks");
+ FileInputStream fis = new FileInputStream(keyStoreFile);
+ char[] password = "airavata".toCharArray();
+ ks.load(fis,password);
+ x509Certificates[0] = (X509Certificate) ks.getCertificate("airavata");
+ certificateCredential.setX509Cert(x509Certificates[0].toString());
+ String token = client.addCertificateCredential(certificateCredential);
+ System.out.println("Certificate Token :" + token);
+ CertificateCredential credential = client.getCertificateCredential(token, "testGateway");
+ System.out.println("certificate : " + credential.getX509Cert());
+ System.out.println("gateway name : " + credential.getCommunityUser().getGatewayNmae());
+ }catch (TTransportException e) {
+ e.printStackTrace();
+ } catch (TException e) {
+ e.printStackTrace();
+ } catch (KeyStoreException e) {
+ e.printStackTrace();
+ } catch (FileNotFoundException e) {
+ e.printStackTrace();
+ } catch (NoSuchAlgorithmException e) {
+ e.printStackTrace();
+ } catch (CertificateException e) {
+ e.printStackTrace();
+ } catch (IOException e) {
+ e.printStackTrace();
+ }
+ }
+
+ public static void main(String[] args) {
+ TestSSLClient c = new TestSSLClient();
+ c.invoke();
+
+ }
+}
http://git-wip-us.apache.org/repos/asf/airavata/blob/4ec9dc30/modules/credential-store-service/credential-store/src/main/java/org/apache/airavata/credential/store/server/CredentialStoreServer.java ----------------------------------------------------------------------
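Review bot: testCertificateCredential hard-codes a developer-local keystore path (`/Users/chathuri/dev/airavata/credential-store/oa4mp/airavata.jks`) and the keystore password `"airavata"` in a class that lives under src/main, so it runs on one workstation only and puts a credential into the shipped module; both values should come from ServerSettings, as invoke() already does for the trust store, or the class should move to src/test. The `FileInputStream` is never closed; `try (FileInputStream fis = new FileInputStream(keyStoreFile)) { ks.load(fis, password); }` closes it on every path, assuming the build targets Java 7 or later. testSSHCredential prints the returned private key with `System.out.println("private key : " + credential.getPrivateKey())`, which is worth removing because the console output of even a manual client tends to end up in captured logs. In invoke(), `transport.close()` is skipped whenever a call throws and belongs in a `finally` block, and `CREDNETIAL_SERVER_HOST` falls back to `null` instead of failing with a clear message.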
diff --git a/modules/credential-store-service/credential-store/src/main/java/org/apache/airavata/credential/store/server/CredentialStoreServer.java b/modules/credential-store-service/credential-store/src/main/java/org/apache/airavata/credential/store/server/CredentialStoreServer.java
index c5a8023..f0e14d5 100644
--- a/modules/credential-store-service/credential-store/src/main/java/org/apache/airavata/credential/store/server/CredentialStoreServer.java
+++ b/modules/credential-store-service/credential-store/src/main/java/org/apache/airavata/credential/store/server/CredentialStoreServer.java
@@ -1,4 +1,23 @@
-
+/*
+ *
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
 package org.apache.airavata.credential.store.server;
http://git-wip-us.apache.org/repos/asf/airavata/blob/4ec9dc30/modules/credential-store-service/credential-store/src/main/java/org/apache/airavata/credential/store/server/CredentialStoreServerHandler.java ----------------------------------------------------------------------
diff --git a/modules/credential-store-service/credential-store/src/main/java/org/apache/airavata/credential/store/server/CredentialStoreServerHandler.java b/modules/credential-store-service/credential-store/src/main/java/org/apache/airavata/credential/store/server/CredentialStoreServerHandler.java
index 65ee48a..a364618 100644
--- a/modules/credential-store-service/credential-store/src/main/java/org/apache/airavata/credential/store/server/CredentialStoreServerHandler.java
+++ b/modules/credential-store-service/credential-store/src/main/java/org/apache/airavata/credential/store/server/CredentialStoreServerHandler.java
@@ -1,3 +1,23 @@
+/*
+ *
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
 package org.apache.airavata.credential.store.server;
 import org.apache.airavata.common.exception.ApplicationSettingsException;
@@ -66,7 +86,7 @@ public class CredentialStoreServerHandler implements CredentialStoreService.Ifac
 credential.setPublicKey(sshCredential.getPublicKey().getBytes());
 }
 if (sshCredential.getPublicKey() == null || sshCredential.getPrivateKey() == null) {
- credential = Utility.generateKeyPair(sshCredential.getUsername(), sshCredential.getPassphrase());
+ credential = Utility.generateKeyPair(credential);
 }
 sshCredentialWriter.writeCredentials(credential);
 return token;
@@ -97,11 +117,11 @@ public class CredentialStoreServerHandler implements CredentialStoreService.Ifac
 certificateCredentialWriter.writeCredentials(credential);
 return token;
 } catch (CredentialStoreException e) {
- log.error("Error occurred while saving SSH Credentials.", e);
- throw new org.apache.airavata.credential.store.exception.CredentialStoreException("Error occurred while saving SSH Credentials.");
+ log.error("Error occurred while saving Certificate Credentials.", e);
+ throw new org.apache.airavata.credential.store.exception.CredentialStoreException("Error occurred while saving Certificate Credentials.");
 } catch (Exception e) {
- log.error("Error occurred while generating key pair.", e);
- throw new org.apache.airavata.credential.store.exception.CredentialStoreException("Error occurred while generating key pair..");
+ log.error("Error occurred while converting to X509 certificate.", e);
+ throw new org.apache.airavata.credential.store.exception.CredentialStoreException("Error occurred while converting to X509 certificate..");
 }
 }
http://git-wip-us.apache.org/repos/asf/airavata/blob/4ec9dc30/modules/credential-store-service/credential-store/src/main/java/org/apache/airavata/credential/store/util/Utility.java ----------------------------------------------------------------------
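Review bot: `Utility.generateKeyPair(credential)` now takes the passphrase from the server-side `credential` object instead of from the request, and the Utility.java hunk of this commit calls `credential.getPassphrase().getBytes()` on it without a null check. Whether `credential.setPassphrase(...)` runs before this call is not visible, because the enclosing method starts and ends outside the hunk; if it does not, or if the client sends no passphrase, the call ends in a NullPointerException that reaches the caller only as a generic failure. A guard before the call would make the requirement explicit, for example `if (credential.getPassphrase() == null) throw new org.apache.airavata.credential.store.exception.CredentialStoreException("Passphrase is required to generate a key pair");`.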
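Review bot: The `catch (Exception e)` branch now labels every failure that is not a CredentialStoreException as an X509 conversion error, which will mislead whoever reads the log if anything else in the try block throws; the try block starts outside the hunk, so which calls can reach this branch is not visible here. Catching the specific certificate exception type would keep the message accurate. The new message also ends in a doubled period, `"Error occurred while converting to X509 certificate.."`, which should be a single one.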
diff --git a/modules/credential-store-service/credential-store/src/main/java/org/apache/airavata/credential/store/util/Utility.java b/modules/credential-store-service/credential-store/src/main/java/org/apache/airavata/credential/store/util/Utility.java index 9f97ee9..0ea7bc1 100644 --- a/modules/credential-store-service/credential-store/src/main/java/org/apache/airavata/credential/store/util/Utility.java +++ b/modules/credential-store-service/credential-store/src/main/java/org/apache/airavata/credential/store/util/Utility.java @@ -23,6 +23,7 @@ package org.apache.airavata.credential.store.util; import com.jcraft.jsch.JSch; import com.jcraft.jsch.KeyPair; +import org.apache.airavata.credential.store.credential.impl.ssh.SSHCredential; import org.apache.commons.io.FileUtils; import org.slf4j.Logger; import org.slf4j.LoggerFactory; 
@@ -83,25 +84,22 @@ public class Utility {
 return new char[0];
 }
- public static org.apache.airavata.credential.store.credential.impl.ssh.SSHCredential generateKeyPair(String userName, String passphrase) throws Exception{
+ public static org.apache.airavata.credential.store.credential.impl.ssh.SSHCredential generateKeyPair(SSHCredential credential) throws Exception{
 JSch jsch=new JSch();
 try{
 KeyPair kpair=KeyPair.genKeyPair(jsch, KeyPair.RSA);
 File file = File.createTempFile("id_rsa", "");
 String fileName = file.getAbsolutePath();
- kpair.writePrivateKey(fileName,passphrase.getBytes());
+ kpair.writePrivateKey(fileName,credential.getPassphrase().getBytes());
 kpair.writePublicKey(fileName + ".pub" , "");
 kpair.dispose();
 byte[] priKey = FileUtils.readFileToByteArray(new File(fileName));
 byte[] pubKey = FileUtils.readFileToByteArray(new File(fileName + ".pub"));
- org.apache.airavata.credential.store.credential.impl.ssh.SSHCredential sshCredential = new org.apache.airavata.credential.store.credential.impl.ssh.SSHCredential();
- sshCredential.setPrivateKey(priKey);
- sshCredential.setPublicKey(pubKey);
- sshCredential.setPortalUserName(userName);
- sshCredential.setPassphrase(passphrase);
- return sshCredential;
+ credential.setPrivateKey(priKey);
+ credential.setPublicKey(pubKey);
+ return credential;
 } catch(Exception e){
 log.error("Error while creating key pair", e);
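Review bot: generateKeyPair still routes the new private key through `File.createTempFile("id_rsa", "")`, and neither that file nor the `.pub` file is deleted after `readFileToByteArray`, so a copy of every generated key stays in the temp directory. Writing both keys to in-memory streams avoids the disk copy entirely, as sketched below, provided the JSch version in use has the OutputStream overloads of writePrivateKey and writePublicKey; otherwise both files should be deleted in a `finally` block. The catch block continues outside the hunk.

```java
KeyPair kpair=KeyPair.genKeyPair(jsch, KeyPair.RSA);
// Keep both keys in memory so no key material is left in the temp directory.
ByteArrayOutputStream priOut = new ByteArrayOutputStream();
ByteArrayOutputStream pubOut = new ByteArrayOutputStream();
kpair.writePrivateKey(priOut, credential.getPassphrase().getBytes());
kpair.writePublicKey(pubOut, "");
kpair.dispose();
credential.setPrivateKey(priOut.toByteArray());
credential.setPublicKey(pubOut.toByteArray());
return credential;
// … unchanged: catch block …
```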